BeaverTail is a malware family tracked across 8 threat clusters and 10 intelligence report mentions on ThreatCluster. First observed November 14, 2025; most recent activity May 26, 2026.
A sophisticated backdoor malware named Firestarter has been discovered on Cisco Firepower devices, attributed to the state-sponsored threat actor UAT-4356. The malware exploits two vulnerabilities, CVE-2025-20333 and…
The Google Threat Intelligence Group (GTIG) reports that North Korean threat actor UNC5342 has adopted a new technique called EtherHiding to deliver malware and facilitate cryptocurrency theft. This method embeds…
Void Dokkaebi, a North Korean threat actor, has escalated its malware distribution tactics by using fake job interviews to compromise software developers. This campaign, known as the 'Contagious Interview,' targets…
North Korea-linked hackers have exploited a critical flaw in web applications using a new malware called EtherRAT. This remote access trojan employs Ethereum smart contracts for communication and utilizes multiple Linux…
Recent reports detail the tactics employed by various cyber adversaries to enumerate files and directories on compromised systems. Adversaries utilize command shell utilities and custom tools to gather sensitive…
The financial sector, including banks and cryptocurrency platforms, is facing a complex cyber threat landscape. This sector's heavy reliance on digital infrastructure makes it a prime target for both financially…
North Korean threat actors are utilizing JSON storage services to distribute malware through the Contagious Interview campaign, which has been active since 2023. They impersonate hiring professionals to lure developers…
North Korean threat actors are utilizing JSON storage services to distribute malware as part of the ongoing Contagious Interview campaign, which has been active since 2023. The campaign involves impersonating hiring…